Efficient Image Encryption Scheme Based on 4-Dimensional Chaotic Maps

This paper proposes a new family of 4-dimensional chaotic cat maps. This family is then used in the design of a novel block-based image encryption scheme. This scheme is composed of two independent phases, a robust light shuffling phase and a masking phase which operate on imageblocks. It utilizes measures of central tendency to mix blocks of the image at hand to enhance security against a number of cryptanalytic attacks. The mixing is designed so that while encryption is highly sensitive to the secret key and the input image, decryption is robust against noise and cropping of the cipher-image. Empirical results show high performance of the suggested scheme and its robustness against well-known cryptanalytic attacks. Furthermore, comparisons with existing image encryption methods are presented which demonstrate the superiority of the proposed scheme.


Introduction
The rapid growth in multimedia applications has led to the vast spread of multimedia information across public networks.As a consequence, such information has become vulnerable to eavesdropping.Therefore, the need for safeguarding algorithms has become of major concern.Digital images are amongst the most popular digital media, they are found in a number of applications including military, medical and geographical applications.Due to this wide range of applications, research for developing efficient safeguarding algorithms has grasped the attention of scientists and engineers more than ever.
Cryptography is a field of mathematics and computer science that provide many security services including encryption and data hiding.Data hiding is a process that intends to hide secret information within cover media in such a way that an eavesdropper is incapable to detect the presence of such information within the carrier.On the contrary, encryption is a process that transforms secret information into scrambled data which is totally meaningless to an eavesdropper (Katz et al., 1996;Rijmen and Daemen, 2001;Rivest et al., 1978).Both techniques require a secret key that entitles the recipient to recover back the secret information.One disadvantage of data hiding techniques is that most schemes hide the raw data within the cover media (Cheddad et al., 2010;Mao and Qin, 2013;Ghebleh and Kanso, 2014;Tang et al., 2014).Furthermore, secret images of large sizes require quite large carriers.Due to some inherent characteristics of digital images such as bulk data capacity, high redundancy and correlation between adjacent pixels, conventional encryption schemes such as the Data Encryption Standard (DES) (Katz et al., 1996), the Advanced Encryption Standard (AES) (Rijmen and Daemen, 2001), the Rivest, Shamir and Adleman's scheme (RSA) (Rivest et al., 1978) are unsuitable for the encryption of digital images.
Chaotic systems have a number of important characteristics such as high sensitive dependence on initial conditions and control parameters, large keyspace, unpredictability, ergodicity, and mixing property.Furthermore, with suitable control parameters and initial conditions, they can generate random looking sequences indistinguishable from random sequences.Confusion and diffusion are two important properties of any suitable encryption scheme (Shannon, 1949).In image encryption, confusion makes the relationship between the cipher-image and the secret key as complex as possible.That is, the impact of a tiny change to the secret key results in a major change in the cipher-image.On the other hand, diffusion makes the statistical relationship between the plain-image and the cipherimage as complex as possible.That is, the impact of a tiny change in the plain-image results in a major change in the cipher-image.This complexity can be obtained by a number of permutations and substitutions.Owing to the strong relationship between the properties of chaotic systems and Shannon's principles of confusion and diffusion (Shannon, 1949), which are ideal properties in the design of a strong image encryption scheme, chaotic systems have become promising building blocks in the construction of such schemes.In 1998, Fridrich (1998) presented an elegant chaos-based image encryption scheme that consists of two phases: a shuffling phase to confuse the relationship between the cipher-image and the plain-image, and a masking phase to spread a small change in the plain-image throughout the whole cipher-image.Despite the fact that Fridrich's scheme is shown to suffer from security issues under chosen cipher-image scenario (Solak et al., 2010;Xie et al., 2017), Fridrich's approach has been adopted in the designs of most proposed chaos-based image encryption schemes.Throughout the last two decades, a number of chaos-based image encryption schemes have been developed (Chen et al., 2004;Guan et al., 2005;Behnia et al., 2008;Zhang et al., 2010;Liu Y. et al., 2016;Hua et al., 2015;Kanso andGhebleh, 2012, 2015a;Khan et al., 2017;Fu et al., 2018;Khan and Shah, 2015).Chen et al. (2004) proposed an image encryption scheme that employs a 3-dimensional (3D) cat map.However, Chen et al.'s scheme (Chen et al., 2004) is shown to be vulnerable to differential attacks (Li and Chen, 2008;Wang et al., 2005).Guan et al. (2005) proposed an image encryption scheme based on Arnold cat map and Chen's chaotic system.Cokal and Solak (2009) proved that this scheme suffers from security weaknesses under chosen plain-image and known plain-image scenarios.Behnia et al. (2008) proposed a new kind of image encryption scheme based on composition of trigonometric chaotic maps.However, this scheme is shown to suffer from security issues under chosen plain-image scenario and differential attacks (Li et al., 2010).Zhang et al. (2010) proposed an image encryption scheme based on DNA addition in conjunction with two chaotic logistic maps.Hermassi et al. (2014) revealed a number of flaws including non-invertibility of Zhang et al.'s scheme (Zhang et al., 2010).In Zhu (2012), Zhu proposed an image encryption scheme based on improved hyper-chaotic sequences.Li et al. (2013) showed that Zhu's scheme can be broken with only one known plain-image.In Liu Y. et al. (2016), a hyper-chaos-based image encryption algorithm with linear feedback shift registers is proposed.Zhang et al. (2017) showed that this scheme has some flaws due to weak security of the diffusion process and it is vulnerable to differential attacks.Hua et al. (2015) introduced a new 2D sine logistic modulation map and proposed a chaotic magic transform image encryption scheme.Kanso and Ghebleh (2012) proposed an image encryption scheme based on 3D cat map.In Kanso and Ghebleh (2015a), a new family of 4D cat maps is proposed together with an image encryption scheme for medical applications.Khan et al. (2017) proposed a chaos-based image encryption scheme that utilizes a non-linear chaotic algorithm for destroying correlation and diffusion in plain-image.In Fu et al. (2018), Fu et al. proposed an algorithm based on a 4D hyper-chaotic system in conjunction with the hash function SHA-224.In addition to the aforementioned schemes, the research committee has proposed a number of schemes such as those presented in Wang et al. (2015), Zhou et al. (2014), Xu et al. (2016), Liu et al. (2016), Hua and Zhou (2017), Zhou et al. (2013), Wu et al. (2014), Cao et al. (2018), Hua et al. (2019), Khan et al. (2017), Fu et al. (2018), Liu et al. (2019), Sun et al. (2020), Hemdan et al. (2019) and references therein.
Among the large number of image encryption schemes that have appeared in the literature, security flaws in some of these schemes have been revealed by the cryptographic community.Furthermore, the rapid advancement of digital media technology demands the attention of researchers to develop fast and efficient image encryption schemes.Arnold's cat map (Arnol'd and Avez, 1968) is one of the most studied 2D chaotic maps.Due to its characteristics, it has been widely used in a number of cryptographic applications (Guan et al., 2005;Xiao et al., 2009;Fu et al., 2011;Ghebleh et al., 2014b;Soleymani et al., 2014;Kanso and Ghebleh, 2015a,b).Furthermore, a number of generalizations of the 2D cat map have appeared in the literature (Chen et al., 2004;Kanso and Ghebleh, 2013).In this paper, we propose a new family of 4D chaotic cat maps that is an extension of the generalization suggested in Kanso and Ghebleh (2013) for use in cryptographic applications.The objective of this proposal is to increase the number of control parameters in the coefficient matrix defining the 4D cat map which in turn increases the size of the keyspace of any cryptographic scheme adopting the generalization.We then propose an image encryption scheme based on members of this family.The proposed scheme follows Fridrich's approach.It is composed of a light shuffling phase and a masking phase, which operate on image-blocks.The shuffling phase preforms a circular shift on the rows and columns of the image at hand in conjunction with a zigzag ordering algorithm.The masking phase uses pseudorandom sequences generated by the proposed 4D cat map for diffusion of the resulting shuffle-image.Furthermore, the masking phase applies measures of central tendency to enhance security against a number of cryptanalytic attacks such as differential attacks.The mixing is designed so that while encryption is highly sensitive to the secret key and the input image, decryption is robust against noise and cropping of the cipher-image.Simulation results are presented to demonstrate the high performance of the proposed scheme and its high security level.
The main contributions of this work are as follows: • The method is simple and efficient.
• The encryption scheme is highly sensitive to its key and input image, while the decryption scheme is robust against various alternations such as noise and cropping of cipher-image.• The method is block-based.Based on the block size, there is a tradeoff between the security and the speed of the proposed scheme.However, simulations show that the chosen block size makes the scheme robust to existing attacks, insensitive to cipherimage attacks, and faster than existing schemes.
The paper is organized as follows: Section 2 presents the proposed family of 4D cat maps.In Section 3, we give a detailed description of the proposed image encryption scheme.We also demonstrate the randomness of matrices generated by successive iterations of the proposed 4D cat map.Section 4 showcases the efficiency of the proposed scheme.It also presents simulation results that demonstrate the robustness of the proposed scheme against statistical attacks.In Section 5, we further analyse the security of the proposed scheme.In Section 6, we showcase the superiority of the proposed scheme over some of the existing schemes.Finally, we end the paper with some concluding remarks.
The discrete cat map can be defined accordingly by x n y n mod 1, which starting from any initial state (x 0 , y 0 ) defines an infinite sequence of 2-vectors.This map can be generalized (Chen et al., 2004) using two positive integer parameters a and b as Further generalizations of this map to higher dimensions are also known (Chen et al., 2004;Kanso and Ghebleh, 2013).Chen et al. (2004) proposed a generalization of the 2D cat map into a 3D cat map, where the coefficient matrix consists of six control parameters.Kanso and Ghebleh (2013) extended the generalization of the 2D cat map into a 4D cat map, where the coefficient matrix consists of four control parameters.Despite existing generalizations, in this paper we extend the generalization of the 4D cat map suggested in Kanso and Ghebleh (2013) so that the number of control parameters of the coefficient matrix increases to twelve positive integers.The increase in the number of control parameters is very beneficial to cryptographic applications since it leads to a larger keyspace of the cryptographic scheme.
We consider the following path to define a new 4 × 4 coefficient matrix for a 4D cat map.The building blocks for this definition are maps which fix two coordinates and apply Eq. ( 1) to the other two coordinates.More specifically, we use the six matrices where a 1 , . . ., a 6 , b 1 , . . ., b 6 are constant positive integers.Note that each M ij is obtained from the identity matrix I 4 via replacing a 2 × 2 principal minor by the coefficient matrix of Eq. (1) using parameters a = a k and b = b k .The 4 × 4 coefficient matrix is now defined to be (2) In turn, this matrix can be used in defining the 4D cat map It is easy to see that each matrix M ij has determinant 1, thus det(A) = 1.On the other hand, since this construction involves no subtraction, and since all its parameters are positive integers, each entry of the matrix A of Eq. ( 2) is greater than or equal to its corresponding entry in the matrix A 0 obtained with all parameters set to 1: In particular, tr(A) tr(A 0 ) = 20.Now if λ 1 , λ 2 , λ 3 , λ 4 denote the (possibly complex) eigenvalues of A, then Thus at least one eigenvalue of A has modulus greater than 1, which justifies chaotic behaviour of the map of Eq. ( 3).See Ott (2002), Hua et al. (2017), Wang et al. (2018) for more information.
For all the experimental results presented in this work, we use the values for the control parameters of the 4D cat map, while yield the coefficients matrix Since A has more than one eigenvalue greater than 1, the 4D cat map of Eq. ( 3) exhibits hyper-chaotic behaviour (Hua et al., 2017).

Description of the Proposed Scheme Pr-IES
In this work, we propose an image encryption scheme that follows Fridrich's approach.
The proposed scheme consists of three phases (i) a preprocessing phase for reshaping the input image, (ii) a shuffling phase for destroying any correlation between adjacent intensity values, and (iii) a masking phase that acts on the shuffle-image to change its intensity values in such a way that a tiny change in one intensity value spreads out to almost all intensity values in the cipher-image.Algorithm 1 depicts the phases of the proposed image encryption scheme.

The Preprocessing Phase
The size of the input image plays an important role in the performance of the proposed scheme.In the preprocessing phase, the input image J , typically a 2D (for grayscale images) or 3D (for colour images) array of bytes, is reshaped into an almost square 2D matrix J 0 .This step is necessary if the number of rows of the 2D matrix is more than twice Algorithm 1: The proposed image encryption scheme Pr-IES Data: Plain-image J and the number of rounds r and s Data: Initial conditions and control parameters from secret key K Result: The encrypted image J cipher J 0 ← Preprocess(J ) J shuffled ← Shuffle(J 0 , r, K 1 ), where K 1 ∈ K J masked ← Mask(J shuffled , s, K 2 ), where K 2 ∈ K Reshape J masked into the shape of the input matrix J to produce the encrypted image J cipher the number of columns or vice versa.If this condition is not attainable (e.g. if the number of rows and columns of J are primes far apart), then a padding scheme can be applied to the input image.We refer to the number of rows and columns of the resulting matrix J 0 from the preprocessing phase by m and n, respectively.

The Shuffling Phase
This phase aims to destroy correlations between adjacent pixels in the input image.It performs an (a, b)-circular shift on the matrix at hand in conjunction with a zigzag reordering of the entries.By an (a, b)-circular shift we mean shifting all entries of the matrix a − 1 places up and b − 1 places left, so that the (a, b)-entry is moved to the (1, 1) position.Note that entries exiting the matrix from the top or from the left, enter from the opposite side in a circular fashion.This phase requires 2r pseudorandom numbers, where r is the number of rounds.These numbers can be obtained from a chaotic map such as the skew tent map where p ∈ (0, 1) is a control parameter and u 0 ∈ (0, 1).The skew tent map is widely used in cryptographic applications (Alvarez and Li, 2006;Ghebleh et al., 2014a).Algorithm 2 depicts the shuffling phase of the proposed image encryption scheme.
To illustrate the shuffling phase, we present a one round toy example on the 4 × 5 matrix Algorithm 2: The shuffling of the matrix J 0 Data: The array J 0 from the preprocessing phase and the number of rounds r Data: Initial condition u 0 and control parameter p of the skew tent map from secret key K Result: Shuffled matrix J shuffled P 0 ← J 0 for k = 1 to r do Generate two numbers u and v by successive iterations of the skew tent map Suppose a = 4 and b = 3. Performing a (4, 3)-circular shift on the matrix J 0 gives

The Masking Phase
The masking phase acts on the shuffled matrix J shuffled .It masks the rows and columns of J shuffled using entries of matrices 1 , 2 , . . ., s consisting of pseudorandom bytes (integers in [0, 255]) derived from output sequences of the 4D cat map defined in Eq. ( 3).More specifically, each k is a 4 × matrix of bytes where 4 is greater than or equal to the number of entries of J shuffled .Columns of 1 are generated via iterations of the 4D cat map with chosen control parameters.For 2 k s, we define k by applying a (possibly different) 4D cat map to columns of k−1 .It is demonstrated in Subsection 3.4 that this transition of matrices preserves pseudorandomness of entries.The masking phase also mixes the rows and the columns of the image at hand using measures of central tendency.Algorithm (3) presents a detailed description of the masking phase.

Randomness of the Masking Matrices
In Bassham et al. (2010), the National Institute of Standards and Technology (NIST) proposes a Statistical Test Suite (STS) which is one of the most popular tools for validation of random number generators and pseudorandom number generators for cryptographic applications.To assess randomness of their entries, we subject the matrices 1 , 2 , . . ., 50 constructed in 50 rounds of Algorithm 3 to the STS.These matrices are computed using the 4D cat map coefficient matrix A of Eq. ( 3) which is used also as the transition matrix in all rounds.That is, Further parameters used in the generation of these matrices are m = 256, n = 512, and randomized initial condition x 0 .Hence each k is a 4 × 32768 matrix, which is passed to the STS as a sequence of 1048576 bits.Table 1 presents the results generated by the STS.On the basis of these results, we conclude that the matrices 1 , 2 , . . ., 50 all possess excellent randomness properties.

Statistical Analysis of Cipher-Images
In this section, we showcase the efficiency of the proposed scheme.We then evaluate the randomness of cipher-images corresponding to standard test images.Furthermore, we consider cipher-images corresponding to bank of test plain-images.

Test Images and Parameters
This section shows the efficiency of the proposed image encryption scheme Pr-IES.Figure 2 presents the shuffle-images corresponding to the test images Barbara, Lena and Elaine for r = 1, 2, 3 and 4. It is evident that for r > 3 the shuffle-images show no pattern.On the basis of these results and the fact that a shuffle-image is almost free of correlation for r = 5 (as shown in Fig. 3), we consider the number of rounds for the shuffling phase to be set to 5. Similarly, it is shown in Section 5 that the image encryption Algorithm 3: Generation of the scrambled matrix J masked Data: J shuffled from the shuffling phase and the number of rounds s Data: Initial condition x 0 and control parameters of the 4D cat map from secret key K Data: Control parameters of the coefficient matrices A 2 , A 3 , . . ., A s from secret key K Result: Encrypted matrix J masked for j = 1 to mn/4 do x j ← Ax j −1 mod 1 1 ← 256X where X is the matrix whose j -th column is x j 1 ← reshape the first mn entries of 1 into an m × n matrix  scheme Pr-IES is robust against differential attacks when the number of rounds for the masking phase s > 3. Thus, r = s = 5 is ideal for the robustness of the proposed encryption scheme.Figure 3 depicts the shuffle-images and cipher-images corresponding to the test plainimages Barbara, Lena and Elaine, with r = s = 5.It is evident that one cannot distinguish between the cipher-images and a random image.

Histogram Analysis
Histogram analysis is an important test which shows the distribution of the intensity values of the pixels within an image.A secure image encryption scheme produces cipher-images whose pixel intensity values are uniformly distributed in the interval [0, 255].It is evident from Fig. 4, which depicts the histograms of the test images Barbara, Lena, Elaine and their corresponding cipher-images, that the histograms of the cipher-images are almost flat and hence show no useful information about the plain-images.Furthermore, the average pixel intensity of the cipher-images is approximately 127.50, which is the ideal value.Moreover, Table 2 reports the chi-square test (Kwok and Tang, 2007) for cipher-images and random images.It is evident that the chi-square measures for cipher-images are similar to those of random images and they are less than the upper bound 293 for a significance level 0.05.

Correlation Analysis of Adjacent Pixels
A secure image encryption scheme generates cipher-images almost free of any correlation.The correlation coefficients r xy between N pairs of randomly chosen adjacent pixels x = and E[y] are the expected values of the samples x and y respectively, and σ x and σ y are their standard deviations.Table 3 reports the correlation coefficients for cipher-images corresponding to the test plain-images Barbara, Lena and Elaine.Furthermore, the table presents the correlation coefficients of the shuffle-images corresponding to the test images.It is evident from this table that the correlation coefficients of the cipher-images and the shuffle-images are almost zero.Hence, the cipher-images are almost free of any correlation.
Figure 5 depicts a plot of the points (x i , y i ), where 1 i 10000, in the plain-image Lena and its corresponding shuffle-image and cipher-image.It is evident from this figure that the cipher-image is almost free of any correlation between the values of x i and y i .The cipher-images corresponding to the plain-images Barbara and Elaine have similar behaviour, hence are omitted.

Information entropy analysis
Information entropy (Shannon, 1948) is an important measure for evaluating the strength of an image encryption scheme.It measures the distribution of gray-values in an image.The entropy H (s) of a source s emitting 256 symbols s 1 , s 2 , . . ., s 256 is defined by where P (s i ) represents the probability of occurrence of s i .For a random source s, H (s) = 8.Table 4 reports the entropy measures for the test plain-images and their corresponding cipher-images.The reported measures are very close to the ideal value 8. Hence, the proposed scheme is robust against entropy attacks.
To further showcase the randomness of the proposed image encryption scheme we measure the entropy over local cipher-images blocks (Wu et al., 2013).(Wu et al., 2013).Table 5 also includes the mean of local entropy measures for a random image and its corresponding cipher-image.

Randomness Analysis
In this section, we evaluate the randomness of cipher-images generated by the proposed scheme Pr-IES using the STS proposed by the National Institute for Standards and Technology (NIST) (Bassham et al., 2010).For this regard, we consider the first 100 images from the test bank of images in BOWS2 (2019).We encrypt each 512 × 512 image by the proposed scheme, and subject the resulting cipher-image to the STS.Each cipher-image consists of 2097152 bits and is processed in STS as a single sequence.Table 6 reports the STS results for a collection of 100 cipher-images, each of length 2097152 bits.According to documentation of the STS documentation (Bassham et al., 2010), the minimum pass rate for each test is 96%.Thus, it is evident that the cipher-images pass all 15 test and hence, they possess very good randomness properties.

Speed Analysis
In this section, we report the running speed of the proposed image encryption scheme Pr-IES in MATLAB on a desktop machine with an Intel® Core™ i7-4770 processor and 8GB of memory, running Windows 10.Table 7 reports the running time for encrypting the test images by the proposed scheme.Furthermore, Fig. 6 shows a sample of the running times for encrypting grayscale images of different sizes by the proposed image encryption scheme with r = s = 5.

Security Analysis
In this section, we evaluate the security level of the proposed scheme.We show that the proposed scheme Pr-IES is highly sensitive to a slight modification in the plain-image.We further show that the scheme has a large keyspace, and it is highly sensitive to its secret key and control parameters.Moreover, we analyse the security of the proposed scheme under cipher-image scenario and chosen plain-image scenario.In addition to that, we demonstrate the robustness of its decryption to various alterations in the cipher-image.

Differential analysis
Differential analysis of an image encryption scheme investigates the affect of a slight modification in the plain-image on the corresponding cipher-image.In this section, we measure the sensitivity of the proposed image encryption against slight modification in the plain-image.The Number of Pixels Change Rate (NPCR) and Unified Average Chang-   [33.4183, 33.5088] [ 33.4040, 33.5231] [ 33.3875, 33.5396] ing Intensity (UACI) are two measures used to evaluate the strength of image encryption schemes against differential attacks (Wu et al., 2011).Suppose C 1 and C 2 are two m × n matrices, then the NPCR and UACI between C 1 and C 2 are given by where According to Wu et al. (2011), the theoretical ideal NPCR and UACI measures for C 1 and C 2 to be random-like in comparison are approximately 99.6094% and 33.4635%, respectively.Furthermore, Table 8 reports the acceptance intervals for the null hypothesis with different significance levels for the NPCR and UACI measures.We evaluate the robustness of the proposed image encryption scheme by considering two plain-images P 1 and P 2 , where P 1 and P 2 differ in a single bit.We encrypt P 1 and P 2 using the proposed image encryption scheme, with the same secret key and parameters, to get cipher-images C 1 and C 2 , respectively.We then compute the NPCR and UACI measures between C 1 and C 2 .For each test image Barbara, Lena and Elaine, we repeat this test 100 times, where each time we flip the least significant bit of a randomly selected intensity value in the plain-image (including the first and the last intensity value).The minimum, mean and maximum NPCR and UACI measures of the ciphers-images of the original plain-image for each of the 100 cipher-images resulting from a slight modification to the original plain-image are reported in Table 9.
We further evaluate the robustness of the proposed scheme by subjecting each of the first 100 test images from (BOWS2) to the plain-image sensitivity test.For each plainimage we repeat the test 100 times, where each time we make a change to the least significant bit of a randomly chosen intensity value of the original plain-image.It turns out that the pass rate for the NPCR is 99.85% and that for the UACI is 99.93%.Figure 7 depicts a point plot, where each point corresponds to an NPCR/UACI measure resulting from repeating the sensitivity test 100 times for each of the 100 images from (BOWS2).It is evident from this figure that the proposed scheme is robust against plain-image sensitivity.

Keyspace
The secret key K of the proposed scheme is composed of two doubles p, u 0 ∈ (0, 1) for the shuffling phase, as well as control parameters and initial conditions of the 4D cat map(s) used in the masking phase.In the latter, there are at least 12 positive integers (for control parameters) and four doubles in (0, 1).Under the assumption that 64-bit doubles and 8-bit integers are used to initialize the cat map, and with the commonly used precision of 10 −14 for 64-bit doubles, the secret key of the proposed scheme has size at least 2 8 12 • 10 14 6 > 2 375 .This number renders key search attacks impractical.The keyspace may further expand if we consider distinct transition matrices A 2 , A 3 , . . ., A s in Algorithm (3).In such a case the size of the keyspace becomes 2 8 12s • 10 14 6 , which with s = 5 yields a keyspace of size larger than > 2 759 .
Figure 8 depicts the bitwise xor (exclusive or) of two cipher-images C 1 and C 2 corresponding to the test image Lena with slightly different keys K 1 and K 2 .Figure 9 shows histograms of the images presented in Fig. 8. Furthermore, Table 10 reports the NPCR and UACI measures between cipher-images C 1 and C 2 of the three test images Barbara, Lena and Elaine generated using slightly different keys.
The experimental results presented in Fig. 8, Fig. 9, and Table 10 demonstrate high sensitivity of the proposed scheme to its secret key, hence its robustness against key search attacks.

Cipher-Image and Plain-Image Analysis
In this section, we show that the proposed scheme is robust against cipher-image and plainimage analysis.In a cipher-image attack, the intruder has only access to the cipher-image.Since the above tests show that no useful information about the plain-image can be gained  from the corresponding cipher-image, we conclude that the proposed scheme is robust against this type of attack.In a plain-image attack, the intruder can choose any part of the plain-image and request its corresponding cipher-image part.The aim of this attack is to reconstruct some other plain-image parts.The fact that the chaotic map possesses the one-way property due to floating point errors makes the inverse computation very difficult.Furthermore, since the proposed scheme is highly dependent on its secret key, one cannot predict further outputs of the 4D cat map.Thus, the scheme is robust against this type of attacks.

Robustness to Noise and Data Loss
Earlier, we have shown that the proposed scheme is highly sensitive to its secret key, and it is also highly sensitive to a tiny change in its input plain-image.That is, a change in a plain-image intensity value spreads over all intensity values in the corresponding cipherimage.In this section, we show that a change in intensity values in the cipher-image affects only few intensity values in the corresponding plain-image.The importance of this feature is that with distortion of cipher-images due to salt and pepper noise or data loss one can still successfully recover the corresponding plain-image.Figure 10 depicts median filtered recovered plain-image Lena resulting from subjecting its corresponding cipher-image to salt and pepper noise for different levels of added noise. Figure 11 depicts the median filtered recovered plain-image Lena resulting from subjecting its corresponding cipherimage to data loss for different sizes of data loss.

Comparison with Existing Work
In this section, we compare the performance of the proposed scheme Pr-IES with existing ones.Figure 12  Figure 12 shows that the pass rate for the proposed scheme is 25/25 with α = 0.05 significance level for the NPCR and UACI measures.Table 11 reports the schemes under comparison and the pass rate of each scheme.We further compare the correlation coefficients between adjacent pixels of the proposed scheme and existing ones.Figure 13 depicts the correlation coefficients between adjacent intensity values in the horizontal, vertical and diagonal directions for the test image Lena and its corresponding cipher-images generated by the proposed scheme and existing schemes.Note the schemes proposed in Fu et al. (2011) and Liao et al. (2010) are referred to by FLMLC and LLZ, respectively.
Table 11 The NPCR and UACI pass rates of the proposed scheme and some existing schemes.The pass rates for the schemes under comparison are quoted from Hua et al. (2019).
It is evident from the obtained results that the proposed scheme has superiority over existing schemes and competitive with others.

Conclusion
We propose a new family of 4D chaotic cat maps.As an application of these maps, we present a novel block-based image encryption scheme utilizing them.This scheme consists of a light shuffling phase and a masking phase which uses measures of central tendency for mixing the image blocks.While encryption is highly sensitive to the secret key and the input image, decryption is robust against noise and cropping of the cipher-image.Simulations show that the proposed scheme generates cipher-images possessing high ran- domness properties.Furthermore, the scheme is shown to be robust against differential cryptanalysis.With respect to existing works, the proposed scheme is shown to have superior performance over existing image encryption algorithms and to be competitive with others.
Figure 1 depicts standard grayscale test images Barbara of size 256 × 256, Lena of size 512 × 512 and Elaine of size 1024 × 1024.

Fig. 2 .
Fig. 2. The shuffle-images corresponding to the test images Barbara, Lena and Elaine.

Fig. 3 .
Fig. 3.The shuffle-images (top) and cipher-images (bottom) for r = s = 5 corresponding to the test plain-images Barbara, Lena and Elaine.The decipher-images are identical to the plain-images.

Fig. 4 .
Fig. 4. Histograms of the test images Barbara, Lena and Elaine (top) and their corresponding cipher-images (bottom).

Fig. 5 .
Fig. 5. Point plots of the intensity values of randomly chosen pairs of horizontally, vertically and diagonally adjacent pixels in the plain-image Lena (top), its corresponding shuffle-image (middle) and cipher-image (bottom).

Fig. 7 .
Fig. 7. NPCR (left) and UACI (right) measures for plain-image sensitivity of the proposed scheme.Each point represent an NPCR/UACI measure resulting from repeating the test 100 for each test image in (BOWS2).

Fig. 8 .
Fig.8.Bitwise xor between cipher-images C 1 and C 2 corresponding to Lena with K 1 and K 2 .Left: K 2 differs from K 1 by 10 −14 in one component of the initial condition of the 4D cat map.Right: K 2 differs from K 1 in the least significant bit of one control parameter of the 4D cat map.
presents NPCR and UACI measures for cipher-images corresponding to 25 test images in Test-images (2019) for a number of existing schemes.There are 7 test images of size 256 × 256 (top), 15 of size 512 × 512 (middle) and 3 of size 1024 × 1024 (bottom).

Fig. 12 .
Fig. 12. NPCR (left) and UACI (right) measures for cipher-images generated by existing image encryption schemes and the proposed scheme.The measures for existing schemes are obtained from Hua et al. (2019).

Fig. 13 .
Fig. 13.Adjacent intensity values correlation coefficients for the test image Lena and corresponding cipherimages generated by existing schemes and the proposed scheme.The values for existing schemes are obtained from Hua et al. (2019).

Table 1
Statistical Test Suite results for a matrix 1 and 49 of its consecutive cat transition matrices 2 , 3 , . . ., 50 as described in 3.4.Each matrix is processed as a sequence of 1048576 bits.According to the STS documentation, a minimum pass rate for each statistical test is 96%.

Table 2
The chi-square test results for the cipher-images corresponding to the test images Barbara, Lena and Elaine.This table also reports the chi-square value for a random image.

Table 3
Correlation coefficients of the test plain-images, shuffle-images and cipher-images for N = 10000.
Table 5 reports the mean of entropy measures over local cipher-images blocks, where the block sizes are 16 × 16, 32 × 32 and 64 × 64.It is evident from this table that the reported measures are

Table 4
Entropy measures for the test plain-images Barbara, Lena, Elaine and their corresponding cipher-images.
close to the theoretical mean of Shannon entropy measures for a random image, that is 7.174966353, 7.808756571 and 7.954588734 for 16 × 16, 32 × 32 and 64 × 64 blocks, respectively

Table 6
Statistical Test Suite results for 100 cipher-images, each of length 2097152 bits.

Table 8
(Wu et al., 2011)als for the null hypothesis with different levels of significance(Wu et al., 2011).

Table 9
NPCR and UACI measures between cipher-images C 1 and C 2 corresponding to the test images Barbara, Lena and Elaine, with slight modifications.

Table 10 NPCR
and UACI measures between cipher-images C 1 and C 2 corresponding to the test images Barbara, Lena and Elaine, with slight modifications in the secret key.

Table 12
Running time in seconds for encrypting a single image by existing schemes and the proposed encryption scheme Pr-IES.The running times for the schemes under comparison are quoted from Hua et al. (2019) used under license CC BY-NC-ND 4.0 (License, 2020).